Category: Tips and Tricks


This is a new weekly post with a tip for Windows, OS X, Linux, iOS, Android… anything really that I hope could help others in their daily computing lives.

This week’s tip is a Windows tip. Ever wonder what permissions you have in your organization? What groups are you part of? What is my SID?

There is a nice command introduced back in the Windows XP days called whoami. First introduced as part of the support tools, and now part of the standard install of windows, this command can give you all the information about the currently logged on user.

If we just issue whoami in CMD, we will get this:

Nothing spectacular, but lets look at the flags to the command:
We can see there is a /ALL flag, lets see what happens when we run whoami /all
(Important SIDs are whited out)
We can see a whole bunch of information, like my username, my SID, domain group memberships and even my permissions.
So if you ever want a user to send you their information, you can make a batch script that has:
whoami /all > userinfo.txt
This will save this information into a text file that the user can send your way and you can see all their group information and make changes as necessary.
Advertisements

Another weird bug cam across my desk this week, this time, dealing with VMware Fusion and Mapping USB devices to a VM.

The problem is that when you connect a USB device to via the menu to the VM in question, VMware fusion never actually does the attachment to the VM, thus scratching your head say.. is it the Windows the problem? is it the port? what is it?

Turns out that this problem can be caused by permissions! Go into Terminal on the Mac and type:

ls -ld /

this should present the permissions:

drwxr-xr-x  33 root  wheel  1190 14 Dec 09:17 /

If its anything else, then we are going to need to fix the permissions.

FIrst place to go is in the disk utility, select your disk, and then click “Verify Permissions” and  “Repair Permissions”

If this doesn’t solve the problem, you can always go Linux and type the following commands in the Terminal window:

sudo -s

chown root:wheel /

chmod 755 /

This will require a reboot of the Mac, and now you should have the right permissions to map the USB devices!

 
Original KB Article: http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2004687

With a lot of modern routers (ISA, Watchguard, etc..) we can put some proxy actions for publishing services. What’s the advantage? We can monitor the entire conversation between the client and our web server. Just like client outbound proxies, however, there can be some mishaps.

One good example is how a WebDav server can behave under a http proxy, you may get mixed results. OWA (Outlook Web Access) is a WebDav server for IE clients, and sometimes you may get errors like not being able to see your inbox, but you can see your folders just fine, or Active Sync just not working at all.

First lets look at the OWA error. In my example, I’m using a Watchgaurd XTM firewall with a HTTPS proxy to publish OWA. With the Proxy’s default values, we can log into OWA, but showing anything in the inbox keeps a “loading…” message. In order to make the inbox come up, we need to add a simple checkbox:

Remote Desktop Connection

Which bypasses proxy actions to allow WEBdav.

Next, lets look at ActiveSync. ActiveSync will just not work with watch guard’s default HTTPS proxy. The best way to diagnose it to try to go to the ActiveSync web page:

Watchguard http proxy  Google Images

With this, we need to allow the “Option” method in the HTTP protocol:

Watchguardhttpoption

I recently got myself a Mac Mini (mid-2011) to act as a Media Center, and as a server for my home environment. I will admit, things were not as smooth as I anticipated..

Apart from not having control of DHCP and DNS from the default Server.app (not that I’m bitter), having to download the remote server admin tools to control open directory.. The Time Machine server function never “just worked” for me.

On the server.app, setup is plainly simple. Choose your Disk, and turn it on:

NewImage

So the setup is practically seamless. How does another Mac backup to the time machine server? The server uses bonjour to broadcast the backup service. What’s presented to your Mac is a share on the server called “Backups”:

System Preferences

What SHOULD happen is backups over Wifi, pretty cool! One problem, troubleshooting this thing is not user friendly AT ALL, as in my case:

All Messages

What does “NAConnectToServerSync failed with error: 80” mean?

Of course, Lion is brand spanking new, so googling for help was useless (especially for lion server), Turns out, my password that I was using was the culprit.

In my password, I had a special character “$”. This messes with the mount_AFP command that is issued to backup. The Solution? Create a Backup user without special characters for its password.

Now, with this considered, I find this HORRIBLE! How, in this day and age, not allow special characters for passwords in order for stuff to work? It’s beyond me. A lot of my server experience has been a big mess. In windows when I DCPROMO a server, it installs DNS, why is DNS and DHCP so buried in the settings.. I don’t get it..

Hopefully Apple can get on this and put the same Quality Control it does like its consumer products.. Hell, 50$ Server License for all your Macs, you can pretty much call it a consumer product.

Remember the good old days when you wanted to export an e-mail account out of exchange for archiving, or just general backup purpose? We admins needed to install EXMERGE!
Exmerge was, and still is, a blessing to admin’s everywhere, it was a powerful tool that gave you more control of exporting or importing mailboxes in exchange, packaging everything up in a nice .PST file so you can re-import, or open it up with outlook. Let’s face facts though, by today’s standards, its not the most elegant/modern solution going. I was happy to see that Microsoft added this functionality in exchange 2010 through Powershell, and no Outlook required!

First off, we need to add your AD account as part of the mailbox import export role, lets fire up the Exchange Management Shell and type up:

New-ManagementRoleAssignment –Role “Mailbox Import Export” –User domain\AdministratorAccount

Before we start exporting and importing, there is one small snag, we need to use network shares for output and input of pst files. Of course, it can be a share within the exchange server itself. (Make sure you have full read and write permissions on the share!)

So lets start with Exporting.

When your importing or exporting, you issue a request, think of it as moving a mailbox in the Exchange Management Console. The request holds the status of the job, even when the job fails or completes.

To start an export request:

New-MailboxExportRequest -Mailbox user -FilePath “\\server\share\user.pst”

This will issue an export request.. now what? We can list the export request by issuing:

get-mailboxexportrequest

There is a more detailed output:

get-mailboxexportrequeststatistics

this is good, but now i want the full details of the request I just made:

get-mailboxexportrequeststatistics -identity user\mailboxexport | fl

If we want to create a mailbox import request, its the same commands, but just change “export” to “import”

New-MailboximportRequest -Mailbox user -FilePath “\\server\share\user.pst”

get-mailboximportrequest

get-mailboximportrequeststatistics

get-mailboximportrequeststatistics -identity user\mailboximport | fl

The vSphere platform is in my opinion the most complete package for the virtualized datacenter. One of my gripes about it is the manipulation of data in the VMFS file system.. its mostly controlled via the vSphere client, and going deep into CLI on the host itself.
That isn’t a problem when you live only in a vSphere world but sometimes, for debugging or troubleshooting, an extra tool to get the data off of VMFS wouldn’t hurt.

Thats where this tip comes in, there are tools out there that you can use on different operating systems to mount the VMFS datastore. For this article we are going to be using Ubuntu 11.04 desktop to mount a VMFS hard drive.

First off, we are going to need the tools, these are called simply VMFS-TOOLS, and luckily we can get it with a simple apt-get

sudo apt-get install vmfs-tools

Now this is a package install, so there are 3 commands included in this package:

vmfs-fuse
debugvmfs
fsck.vmfs

For this tip we are going to use vmfs-fuse, which is the utility to mount VMFS.

Lets MAN into VMFS-FUSE…

vmfs-fuse VOLUME MOUNTPOINT

Simple enough, now the only problem is that if we look into /dev and ls, we get a lot of permissions for the disk in question:

2011 05 28 1142

Thats right, 8 partitions esxi created, a simple fdisk will give us the readout of which one is the VMFS partition:

2011 05 28 1145

sdb3 it is!

sudo vmfs-fuse /dev/sdb3 /mnt/vmfs

if there is no errors, it should have mounted. Trying to explore the filesystem is not possible, thats because of the funky permissions it gives:

2011 05 28 1148

This removes only a little convienience, because we can still browser by using the paths

sudo ls /mnt/vmfs -lah

2011 05 28 1151

The pure intention of this tip is to copy VMs out of the VMFS file system for archiving or troubleshooting purposes. So we can copy the VM “test vm” to a folder in ubuntu.

Note that when you copy, all thin disks will be converted to Thick, meaning a thin vm of 8GB will take the full 8GB of space on your local file system.

2011 05 28 1137

Reference: http://www.planetvm.net/blog/?p=1592